You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by Webmaster DKDB <we...@dkdb.dk> on 2013/10/22 08:08:01 UTC
Explanation of message of RDNS_NONE??
Hi Guys
I'm using spamassassin to make sure that my newsletter is formatted properly when sent out, the only error I get is a message like this:
RDNS_NONE and the explanation is Delivered to internal network by a host with no rDNS
My headers looks like this:
Return-path: <bo...@dkdb.dk>
Received: from mx3.onlinespamsolutions.com ([64.4.202.129])
by mail.fribert.dk with ESMTP (TLS encrypted); Mon, 21 Oct 2013 01:30:13 +0200
X-ASG-Debug-ID: 1382311807-01a4803ea7a3640001-b4xtTX
Received: from dkdb.dk (dkdb.dk.37.66.77.in-addr.arpa [77.66.37.119]) by mx3.onlinespamsolutions.com with ESMTP id Tf848cyorIhvSOca (version=TLSv1 cipher=AES256-SHA bits=256 verify=NO) for <te...@fribert.dk>; Sun, 20 Oct 2013 18:30:08 -0500 (CDT)
X-Barracuda-Envelope-From: bounce@dkdb.dk
X-Barracuda-Apparent-Source-IP: 77.66.37.119
Received: from dkdbdk by web1.blanyecloud.net with local (Exim 4.80.1)
(envelope-from <bo...@dkdb.dk>)
id 1VY2Ri-0011yZ-Dw
for test@fribert.dk; Mon, 21 Oct 2013 01:30:06 +0200
To: Test User1 <te...@fribert.dk>
Subject: Invitation til Julefrokost 2013
DKIM-Signature: v=1; a=rsa-sha1; q=dns/txt; l=7137; s=acy;
t=1382311806; c=relaxed/simple; h=from:to:subject;
d=dkdb.dk; bh=CMydCrtQ3/uzwDxbEH1GAaVfTZk=;
b=dYl+sZI81ffkFtU/XZFzonWD0RzVWrfLs2w6ROO0XiUdVO6aRVfxFoBhDBy0
14UhgIqHFKPXX+s1H4/yxrAzSe1l/zmyYEeKb9Kfp+DdwrpGtkLvIIuttmf4
bivGnivlCNzEv2Tb1zVjlA05JqAWS+wL72N0nJAlpswQXNl5QsU=
X-ASG-Orig-Subj: Invitation til Julefrokost 2013
Date: Mon, 21 Oct 2013 01:30:06 +0200
From: Dykkerklubben Dannebroge <no...@dkdb.dk>
Reply-To: Webmaster <we...@dkdb.dk>
Message-ID: <OD...@client10.server8.blanye.com>
X-Priority: 3
X-Mailer: PHPMailer 5.2.6 (https://github.com/PHPMailer/PHPMailer/)
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="b1_c104b7e1822dc7056dce62fa784337df"
Content-Transfer-Encoding: 8bit
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - web1.blanyecloud.net
X-AntiAbuse: Original Domain - fribert.dk
X-AntiAbuse: Originator/Caller UID/GID - [573 573] / [47 12]
X-AntiAbuse: Sender Address Domain - dkdb.dk
X-Get-Message-Sender-Via: web1.blanyecloud.net: authenticated_id: dkdbdk/from_h
The only thing I can find in the headers that looks a bit off is:
Received: from dkdbdk by web1.blanyecloud.net with local (Exim 4.80.1)
(envelope-from <bo...@dkdb.dk>)
id 1VY2Ri-0011yZ-Dw
for test@fribert.dk; Mon, 21 Oct 2013 01:30:06 +0200
Is it the not correctly formatted domain name above that the message refers to, or is it something else??
Does it matter? Will spamassasin mark this in real life?
Re: Explanation of message of RDNS_NONE??
Posted by RW <rw...@googlemail.com>.
On Tue, 22 Oct 2013 08:08:01 +0200
Webmaster DKDB wrote:
> Hi Guys
> I'm using spamassassin to make sure that my newsletter is formatted
> properly when sent out, the only error I get is a message like this:
>
> RDNS_NONE and the explanation is Delivered to internal network by a
> host with no rDNS
It means that that the MX server didn't record the reverse dns of the
host from which it received the mail. This can be because:
- it really doesn't have rdns
- the MX server never records rds in the received header
- the internal networks isn't setup correctly so spamassassin is
looking at the wrong header
Re: Explanation of message of RDNS_NONE??
Posted by David B Funk <db...@engineering.uiowa.edu>.
On Tue, 22 Oct 2013, John Hardin wrote:
> On Tue, 22 Oct 2013, Dave Funk wrote:
>
>> On Tue, 22 Oct 2013, Kai Schaetzl wrote:
>>
>>> Webmaster DKDB wrote on Tue, 22 Oct 2013 08:08:01 +0200:
>>>
>>> > dkdb.dk.37.66.77.in-addr.arpa
>>>
>>> Probably because of this. This reverse DNS is not under an existing top-
>>> level-domain and looks very much like a normal reverse lookup (and not
>>> the
>>> result). Have them set it to a real public hostname.
>>>
>>> Kai
>>
>> Kai,
>> .in-addr.arpa. -is- the official top-level dns zone for reverse map data.
>
> Granted, but nobody should be setting the *forward* name of a host to
> something in the in-addr.arpa domain, which is what appears to have been done
> here.
Both Kai & I were talking about the DNS reverse-map data for that IP address,
I have no idea where you're getting "*forward* name" out of this discussion.
Any "bind" DNS admin worth their salt would recognize that "dkdb.dk.37.66.77.in-addr.arpa"
result as a clear indication of a mistake in the DNS reverse map zone data for
that IP address. If you don't believe me, google for dns reverse map zone
missing dots, and you'll find pages like:
http://www.zytrax.com/books/dns/apa/dot.html
(look at the very last example on that page for this exact type of error).
If that DNS zone file had the missing dot, it would have mapped that
77.66.37.119 adder to the hostname dkdb.dk.
So all the OP's woes were caused by a careless DNS admin at his ISP.
Checking it now, they've fixed it.
--
Dave Funk University of Iowa
<dbfunk (at) engineering.uiowa.edu> College of Engineering
319/335-5751 FAX: 319/384-0549 1256 Seamans Center
Sys_admin/Postmaster/cell_admin Iowa City, IA 52242-1527
#include <std_disclaimer.h>
Better is not better, 'standard' is better. B{
Re: Explanation of message of RDNS_NONE??
Posted by John Hardin <jh...@impsec.org>.
On Tue, 22 Oct 2013, Dave Funk wrote:
> On Tue, 22 Oct 2013, Kai Schaetzl wrote:
>
>> Webmaster DKDB wrote on Tue, 22 Oct 2013 08:08:01 +0200:
>>
>> > dkdb.dk.37.66.77.in-addr.arpa
>>
>> Probably because of this. This reverse DNS is not under an existing top-
>> level-domain and looks very much like a normal reverse lookup (and not the
>> result). Have them set it to a real public hostname.
>>
>> Kai
>
> Kai,
> .in-addr.arpa. -is- the official top-level dns zone for reverse map data.
Granted, but nobody should be setting the *forward* name of a host to
something in the in-addr.arpa domain, which is what appears to have been
done here.
--
John Hardin KA7OHZ http://www.impsec.org/~jhardin/
jhardin@impsec.org FALaholic #11174 pgpk -a jhardin@impsec.org
key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
Gun Control is nothing more than an attempt to return to feudalism,
where the peasants are helpless and must humbly petition their lord
and master to protect them from bandits and thieves (when they can
get around to it), and where the lords and masters can abuse the
peasants whenever they like without fear of effective resistance.
-----------------------------------------------------------------------
509 days since the first successful private support mission to ISS (SpaceX)
Re: Explanation of message of RDNS_NONE??
Posted by Dave Funk <db...@engineering.uiowa.edu>.
On Tue, 22 Oct 2013, Kai Schaetzl wrote:
> Webmaster DKDB wrote on Tue, 22 Oct 2013 08:08:01 +0200:
>
>> dkdb.dk.37.66.77.in-addr.arpa
>
> Probably because of this. This reverse DNS is not under an existing top-
> level-domain and looks very much like a normal reverse lookup (and not the
> result). Have them set it to a real public hostname.
>
> Kai
Kai,
.in-addr.arpa. -is- the official top-level dns zone for reverse map data.
Webmaster,
That's because the reverse-map entry for 119 in the 37.66.77.in-addr-arpa
zone file is missing a period at its end. That's a DNS admin error.
send email to hostmaster@ngdc.net and ask them to fix that.
--
Dave Funk University of Iowa
<dbfunk (at) engineering.uiowa.edu> College of Engineering
319/335-5751 FAX: 319/384-0549 1256 Seamans Center
Sys_admin/Postmaster/cell_admin Iowa City, IA 52242-1527
#include <std_disclaimer.h>
Better is not better, 'standard' is better. B{
Re: Explanation of message of RDNS_NONE??
Posted by Kai Schaetzl <ma...@conactive.com>.
Webmaster DKDB wrote on Tue, 22 Oct 2013 08:08:01 +0200:
> dkdb.dk.37.66.77.in-addr.arpa
Probably because of this. This reverse DNS is not under an existing top-
level-domain and looks very much like a normal reverse lookup (and not the
result). Have them set it to a real public hostname.
Kai
--
Get your web at Conactive Internet Services: http://www.conactive.com